I’m trying to just use the remote introspection for OKTA.
I created a SPA application with PKCE. It only has the client id but no client secret.
When I configured the remote introspection inforamtion in the external authorization server, I don’t know which client secret should be input. If I leave it blank, the page doesn’t le me save.
So I just input another okta web app’s client secret.
but I alway got the error message as below:
“UnAuthorized application request”
If I remove the remote introspection information and input the local introspection information, I can get the correct result, no error “UnAuthorized application request”.
Any idea how to configure the correct remote introspection for okta SPA with PKCE?
Thanks & Regards,